The absence of strong online consumer protection laws in the U.S. means that many companies have the opportunity to monitor their users and customers’ personal behavior and sell the data for profit. Following a year of massive data breaches at places like Equifax, Verizon, the NSA and Uber, it’s no wonder that 68 percent of consumers don’t trust brands to handle their personal information appropriately.
Led by the National Cyber Security Alliance (NCSA), Data Privacy Day – held every year on January 28 – commemorates the 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Launched in Europe and adopted in North America in 2008, Data Privacy Day brings together businesses and private citizens to share the best strategies for protecting consumers’ private information and encourages businesses to be more transparent about how they collect and use data.
Nearly 75 percent of Americans feel it is “extremely” or “very” important that companies have “easy-to-understand, accessible information about what personal data is collected about them, how it is used and with whom it is shared.
If your business collects personal information in person, online or via third-party apps and services be sure to consider these key issues below when collecting handling personal information:
- Ensure that the amount and type of data are appropriate to the purpose.
- Provide privacy and acceptable use policies that clearly communicates the steps you take to achieve and maintain privacy, providing details of how data is used and shared.
- Establish ways for individuals to limit their information use/sharing and clearly communicate them to your customers.
- Disclose whether you share consumer data. In addition to your privacy practices, you are also responsible for how your partners and vendors use and collect personal information.
After looking at how you collect information, you also need to consider how that information is stored and kept secure:
- Evaluate and employ controls to prevent unauthorized access to consumer data, whether it’s kept by a hosting service or onsite.
- Insure access privileges are updated regularly – for example, when an employee leaves your business, canceling access rights immediately.
- Educate employees on the importance and impact of protecting consumer and employee information as well as the role they play in keeping it safe.
- Understand and keep track of customer preferences before you share information with third parties.
- Adopt procedures to securely dispose of printed or digital copies of personal information.
Data Privacy Day is more than an annual day of awareness; it’s also a critical reminder about the importance of creating a culture of respecting privacy, safeguarding personal data and enabling trust within your organization, which is good for business!
For more information about Data Privacy Day 2018 and how you can become a Data Privacy Day Champion visit https://staysafeonline.org/data-privacy-day/become-dpd-champion/